VOIP as side-channel attack
2024-01-17 22:57:53.995431+01 by Dan Lyke 0 comments
We show that built-in sensors in commodity PCs, such as microphones, inadvertently capture electromagnetic side- channel leakage from ongoing computation. Moreover, this information is often conveyed by supposedly-benign chan- nels such as audio recordings and common Voice-over-IP applications, even after lossy compression.
Which leads to extracting keys from libgcrypt's ECSDA implementation, and detecting camping snipers in Counter-Strike:
These players joined one of CS’s standard gaming arenas named cs-assault which features a truck with a cargo container. Our attacker is inside the cargo container, and the camper could be lurking on either side of the truck. In this classic scenario, the attacker would normally not know which side of the track to face when emerging from the container; if they guess wrong, they will be an easy target as the camper is ready to shoot them right after their next step. To discover the camper’s location, our attacker repeatedly moves to the right and to the left, and detects which of the movement causes a change in the VoIP audio sent by the camper, which indi- cates entering into their frustum.